1. Field of the Invention
The present invention relates to determining a degree of confidentiality of a document shared by multiple organizations. More particularly, it relates to a method, an apparatus and a computer program for supporting such determination.
2. Description of Related Art
Opportunities to improve business efficiency by sharing information with multiple organizations by use of collaboration systems typified by groupware have been increasing. Nowadays, such collaboration systems are often implemented by using the Internet environment. In such case, if confidential information is mistakenly set to be sharable, such mistake increases the risk of a loss of credibility due to a leakage of personal information, and the risk of an economic loss due to a leakage of company confidential information, and the like. Accordingly, one of the most important tasks to be conducted is to correctly set a degree of confidentiality for information to be shared.
In addition, information to be shared, for example, office documents, may possibly include highly confidential information such as personal information of users and confidential business information. In an office, especially, it is common for a user who creates electronic document files to manage these documents on a computer that the user himself/herself uses, and frequently edits and updates the electronic document files. For this reason, confidential information management may have to depend on skills, morals and the like of each user.
Instead, many companies conduct integrated management of all the office documents on their management servers. In this case, however, it is difficult to trace how a file downloaded from the server by a user is updated and edited. Thus, the companies eventually rely on the morals of the user in order to manage confidential documents. Alternatively, a monitoring software product has been developed which is installed onto all the computers used by users to monitor the whole of update processing by all the users. Effective operation using such a monitoring software product, however, is difficult from the viewpoints of cost effectiveness and software maintenance. Moreover, if a member of a subcontracting company for system development downloads an office document, the member may update the office document in an environment outside the environment monitored by the monitoring software. In this case, the monitoring software product cannot monitor such update at all.
Another product called “Proofpoint” has also been released to prevent information leakage by determining degrees of confidentiality of documents based on the similarities of the documents. See Proofpoint, Internet <URL: http://www.source-pod.com/antivirus/proofpoint/function.html>. Japanese Patent Application Publication No. 2007-81955, for example, discloses an information processing apparatus that calculates the similarities in units of documents. More specifically, the information processing apparatus calculates similarities of each target document to given confidential documents, and determines the degree of confidentiality of the target document on the basis of the highest similarity among the similarities thus calculated. The information processing apparatus disclosed in Japanese Patent Application Publication No. 2007-81955, however, only calculates the similarities between a document whose degree of confidentiality is to be determined and confidential documents, and is incapable of determining which part in a confidential document is highly confidential. In other words, the information processing apparatus is capable of determining the degrees of confidentiality only in units of documents. Due to this incapability, this information processing apparatus has a problem that a document might be incorrectly determined as a confidential document although it is actually a non-confidential document.
Instead, another method has been also employed in which the degree of confidentiality of a document is recorded by embedding a character string such as “for internal use only,” for example, into the document in accordance with a particular security policy. This method, however, has the following drawbacks. Specifically, as a result of the employment of this method, users have to be burdened with an operation of embedding a certain character string into a document. In addition, if an erroneous character string is embedded into a document, the document may be determined as having an incorrect degree of confidentiality in the confidentiality determination processing. To be more precise, if a user forgets to embed the character string “for internal use only” into a document to be originally treated as a confidential document, this document may be incorrectly determined as a non-confidential document without undergoing any confidential determination processing. Accordingly, this method still has a risk that such a confidential document may be widely shared.